Over the last number of weeks (after the SolarWinds Orion news) there's been a lot of discussion on how to detect if a server-based application is compromised. The discussions have ranged from buying new sophisticated tools, to auditing the development pipeline, to diffing patches. But really, for me it's as simple as asking "should my application server really be able to connect to any internet host on any protocol?" Let's take it one step further and ask "should my application server really be able to connect to arbitrary hosts on tcp/443 or udp/53 (or any other protocol)?" And when you phrase it that way, the answer really should be a simple "no".
Taking a Shot at Reverse Shell Attacks, CNC Phone Home and Data Exfil from Servers, (Mon, Feb 1st)
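To make the default-deny egress question above concrete, here is an added example (not code from the original diary) that checks flow records against a per-server allowlist and reports everything else. The policy, addresses and flow records are all constructed for illustration.

```python
import ipaddress

# Hypothetical egress policy for one application server: default deny, with
# each permitted destination named explicitly (all values are constructed).
EGRESS_ALLOW = {
    "10.20.0.15": [                      # the application server
        ("udp", 53, "10.20.0.2/32"),     # internal resolver only
        ("tcp", 53, "10.20.0.2/32"),
        ("tcp", 443, "192.0.2.10/32"),   # one named update host
        ("tcp", 1433, "10.20.1.0/24"),   # database tier
    ],
}

# Constructed flow records: (source, destination, protocol, destination port).
SAMPLE_FLOWS = [
    ("10.20.0.15", "10.20.0.2", "udp", 53),
    ("10.20.0.15", "192.0.2.10", "tcp", 443),
    ("10.20.0.15", "203.0.113.77", "tcp", 443),   # arbitrary host on tcp/443
    ("10.20.0.15", "198.51.100.53", "udp", 53),   # DNS straight to the internet
    ("10.20.0.15", "10.20.1.8", "tcp", 1433),
    ("10.20.0.15", "203.0.113.77", "tcp", 4444),  # unlisted port
]


def is_allowed(src, dst, proto, port, policy=EGRESS_ALLOW):
    """True only if the flow matches an explicit rule for this source."""
    dst_ip = ipaddress.ip_address(dst)
    for rule_proto, rule_port, rule_net in policy.get(src, []):
        if (proto == rule_proto and port == rule_port
                and dst_ip in ipaddress.ip_network(rule_net)):
            return True
    return False  # default deny: sources without a policy fail too


def egress_violations(flows, policy=EGRESS_ALLOW):
    """Return the flows a default-deny egress policy would block or alert on."""
    return [f for f in flows if not is_allowed(*f, policy=policy)]


if __name__ == "__main__":
    for src, dst, proto, port in egress_violations(SAMPLE_FLOWS):
        print(f"DENY/ALERT {src} -> {dst} {proto}/{port}")
```

Note that a well-known port is not enough to pass: the tcp/443 and udp/53 flows to unlisted hosts are reported alongside the tcp/4444 one.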